tls(dm): fix the error when give empty tls config (#7451)

close #7384
pingcap · Nov 2, 2022 · 4c7161b · 4c7161b
1 parent de6ea32
commit 4c7161b
Show file tree

Hide file tree

Showing 7 changed files with 177 additions and 8 deletions.
diff --git a/dm/pkg/conn/basedb.go b/dm/pkg/conn/basedb.go
@@ -77,15 +77,17 @@ func (d *DefaultDBProviderImpl) Apply(config *config.DBConfig) (*BaseDB, error)
 			return nil, terror.ErrConnInvalidTLSConfig.Delegate(err)
 		}
 
-		name := "dm" + strconv.FormatInt(atomic.AddInt64(&customID, 1), 10)
-		err = mysql.RegisterTLSConfig(name, tlsConfig)
-		if err != nil {
-			return nil, terror.ErrConnRegistryTLSConfig.Delegate(err)
-		}
-		dsn += "&tls=" + name
+		if tlsConfig != nil {
+			name := "dm" + strconv.FormatInt(atomic.AddInt64(&customID, 1), 10)
+			err = mysql.RegisterTLSConfig(name, tlsConfig)
+			if err != nil {
+				return nil, terror.ErrConnRegistryTLSConfig.Delegate(err)
+			}
+			dsn += "&tls=" + name
 
-		doFuncInClose = func() {
-			mysql.DeregisterTLSConfig(name)
+			doFuncInClose = func() {
+				mysql.DeregisterTLSConfig(name)
+			}
 		}
 	}
 

diff --git a/dm/tests/tls/conf/diff_config-1.toml b/dm/tests/tls/conf/diff_config-1.toml
@@ -0,0 +1,28 @@
+# diff Configuration.
+
+check-thread-count = 4
+
+export-fix-sql = true
+
+check-struct-only = false
+
+[task]
+    output-dir = "/tmp/ticdc_dm_test/output"
+
+    source-instances = ["mysql1"]
+
+    target-instance = "tidb0"
+
+    target-check-tables = ["tls.t"]
+
+[data-sources]
+[data-sources.mysql1]
+host = "127.0.0.1"
+password = "123456"
+port = 3306
+user = "root"
+
+[data-sources.tidb0]
+host = "127.0.0.1"
+port = 4000
+user = "root"
diff --git a/dm/tests/tls/conf/dm-master-no-tls.toml b/dm/tests/tls/conf/dm-master-no-tls.toml
@@ -0,0 +1,4 @@
+# Master Configuration.
+master-addr = ":8261"
+advertise-addr = "127.0.0.1:8261"
+auto-compaction-retention = "3s"
diff --git a/dm/tests/tls/conf/dm-task-no-tls.yaml b/dm/tests/tls/conf/dm-task-no-tls.yaml
@@ -0,0 +1,52 @@
+---
+name: test
+task-mode: all
+is-sharding: false
+meta-schema: "dm_meta"
+
+target-database:
+  host: "127.0.0.1"
+  port: 4000
+  user: root
+  password: ""
+  max-allowed-packet: null
+  session: {}
+  security:
+    ssl-ca: ""
+    ssl-cert: ""
+    ssl-key: ""
+    cert-allowed-cn: []
+    ssl-ca-bytes: []
+    ssl-key-bytes: []
+    ssl-cert-bytes: []
+    ssl-ca-base64: ""
+    ssl-key-base64: ""
+    ssl-cert-base64: ""
+
+mysql-instances:
+  - source-id: "mysql-replica-01"
+    black-white-list: "instance"
+    mydumper-config-name: "global"
+    loader-config-name: "global"
+    syncer-config-name: "global"
+
+black-white-list:
+  instance:
+    do-dbs: ["tls"]
+
+mydumpers:
+  global:
+    threads: 4
+    chunk-filesize: 0
+    skip-tz-utc: true
+    extra-args: "--statement-size=100"
+
+loaders:
+  global:
+    pool-size: 16
+    dir: "./dumped_data"
+
+syncers:
+  global:
+    worker-count: 16
+    batch: 100
diff --git a/dm/tests/tls/conf/dm-worker3.toml b/dm/tests/tls/conf/dm-worker3.toml
@@ -0,0 +1,2 @@
+name = "worker3"
+join = "127.0.0.1:8261"
diff --git a/dm/tests/tls/conf/source-no-tls.yaml b/dm/tests/tls/conf/source-no-tls.yaml
@@ -0,0 +1,18 @@
+source-id: mysql-replica-01
+enable-gtid: true
+from:
+  host: 127.0.0.1
+  user: root
+  password: /Q7B9DizNLLTTfiZHv9WoEAKamfpIUs=
+  port: 3306
+  security:
+    ssl-ca: ""
+    ssl-cert: ""
+    ssl-key: ""
+    cert-allowed-cn: []
+    ssl-ca-bytes: []
+    ssl-key-bytes: []
+    ssl-cert-bytes: []
+    ssl-ca-base64: ""
+    ssl-key-base64: ""
+    ssl-cert-base64: ""
diff --git a/dm/tests/tls/run.sh b/dm/tests/tls/run.sh
@@ -384,12 +384,75 @@ function test_master_ha_when_enable_tidb_and_only_ca_source_tls() {
 	echo "============================== test_master_ha_when_enable_tidb_and_only_ca_source_tls success =================================="
 }
 
+function prepare_test_no_tls() {
+	cleanup_process
+
+	# clean test dir
+	rm -rf $WORK_DIR
+	mkdir $WORK_DIR
+
+	# kill the old tidb
+	pkill -hup tidb-server 2>/dev/null || true
+	wait_process_exit tidb-server
+
+	# restart tidb
+	run_tidb_server 4000 $TIDB_PASSWORD
+
+	cp $cur/conf/source-no-tls.yaml $WORK_DIR/source-no-tls.yaml
+
+	prepare_data
+}
+
+function test_source_and_target_with_empty_tlsconfig() {
+	prepare_test_no_tls
+
+	cp $cur/conf/dm-master-no-tls.toml $WORK_DIR/
+	cp $cur/conf/dm-worker3.toml $WORK_DIR/
+	cp $cur/conf/dm-task-no-tls.yaml $WORK_DIR/
+
+	# start DM worker and master
+	run_dm_master $WORK_DIR/master $MASTER_PORT $WORK_DIR/dm-master-no-tls.toml
+	check_rpc_alive $cur/../bin/check_master_online 127.0.0.1:$MASTER_PORT
+	run_dm_worker $WORK_DIR/worker3 $WORKER3_PORT $WORK_DIR/dm-worker3.toml
+	check_rpc_alive $cur/../bin/check_worker_online 127.0.0.1:$WORKER3_PORT
+
+	# operate mysql config to worker
+	run_dm_ctl_with_retry $WORK_DIR "127.0.0.1:$MASTER_PORT" \
+		"operate-source create $WORK_DIR/source-no-tls.yaml" \
+		"\"result\": true" 2 \
+		"\"source\": \"$SOURCE_ID1\"" 1
+
+	echo "check master alive"
+	run_dm_ctl_with_retry $WORK_DIR "127.0.0.1:$MASTER_PORT" \
+		"list-member" \
+		"\"alive\": true" 1
+
+	echo "start task and check stage"
+	run_dm_ctl_with_retry $WORK_DIR "127.0.0.1:$MASTER_PORT" \
+		"start-task $WORK_DIR/dm-task-no-tls.yaml --remove-meta=true" \
+		"\"result\": true" 2
+
+	run_dm_ctl_with_retry $WORK_DIR "127.0.0.1:$MASTER_PORT" \
+		"query-status test" \
+		"\"result\": true" 2 \
+		"\"unit\": \"Sync\"" 1
+
+	run_sql 'INSERT INTO tls.t VALUES (99,9999999);' $MYSQL_PORT1 $MYSQL_PASSWORD1
+
+	echo "check data"
+	check_sync_diff $WORK_DIR $cur/conf/diff_config-1.toml
+
+	echo "============================== test_source_and_target_with_empty_tlsconfig success =================================="
+}
+
 function run() {
 	test_master_ha_when_enable_tidb_and_only_ca_source_tls
 
 	test_worker_handle_multi_tls_tasks
 	test_worker_download_certs_from_master
 	test_worker_ha_when_enable_source_tls
+
+	test_source_and_target_with_empty_tlsconfig
 }
 
 cleanup_data tls